Version(s): 9.3.2 and prior versions Description: A vulnerability was reported in BIND. A remote user can cause denial of service conditions.
A remote user (DNS server) can send specially crafted RRset responses in return to a recursive SIG query to cause the requesting named service to crash [CVE-2006-4095]. A remote user can also send specially crafted queries to trigger an INSIST failure and cause the requesting service(s) to crash [CVE-2006-4096]. Impact: A remote user can cause the target named service to crash. Solution: The vendor has issued fixed versions (9.3.2-P1, 9.2.7, and 9.2.6-P1), available at: http://www.isc.org/sw/bind/ -- BIND vulnerability https://launchpad.net/bugs/59202 -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
